Tag: remote file encryption

A recent article on ComputerWorld by Yorgen Edholm highlighted the growing issue that is affecting companies whereby employees “bring their own cloud” to work ie. they use their private personal accounts to interact with people at work using corporate data.

Yorgen does a good job at highlighting why this is an issue:

“How would you feel if a competitor picked up your product specs? An investor got a copy of your quarterly financials before earnings?”

“Every IT team knows that busy employees don’t always clean up after themselves.”

“From my perspective, the public cloud is not the problem but rather the unsupervised use of the public cloud by employees that make the public cloud problematic for storing and sharing files.”

As Yorgen rightly points out:

“In the end it comes down to control. How much control do you need over your data, who has access and where is information being stored?”

The issue is one of control. The problem that most companies have in the first instance that they have no policy with regards to use of private or public clouds and no way to enforce it. Almost all of the Enterprise File Share and Sync Solutions that exist today suffer from a lack of control. This lack of such controls is highlighted by recent research by the Osterman Research Group.

The way Storage Made Easy handles this is:

– Companies can continue to allow employees to use private or personal clouds.There is a governance option regarding this in which administrators of the SME system can grant employees the ability to add personal clouds.

– Once added any meta information can be audited. This is information such as a file title, date, if the file was shared etc. This works if the file is used from the SME system or if the file is sent direct from a Cloud Provider, such as DropBox. Alerts can be set to inform an Administrator for a certain file and event.

This helps to have visibility of data used with private employee clouds and provides some reactive control but it does not solve companies having pro-active control of their data and not just private consumer cloud data but all data that can be shared from within a company.

To aid with proactive management of data SME provides governance controls across all data cloud that are mapped to the SME service and Apps and App Integrations to enable companies to mandate or promote the use of these within their company. An example of this is Microsoft Outlook in which the SME PlugIn enables files to be shared across all public / private but promotes the use of secure file sharing with password and expiry options (and which is inclusive of auditing).

The auditing feature enables a complete file event history of any corporate file store that can be exposed as a .csv or excel, or that can be simply checked online through the service. As well as auditing the events,remote access to the file is also monitored and IP addresses logged.

Another aspect of control is security and where the cloud is being used particularly the security of files being stored remotely and the trust that you put in the remote provider to protect unauthorized access to data. As Yorgen pointed out in his original article:

“Take the recent NSA PRISM situation as an example. Users were not aware that their service providers were cooperating with the NSA to gather personal information from the public cloud – putting the spotlight on how little control organizations have over government access to their hosted data. While use of IT managed storage doesn’t mean that the government can’t demand access to data, it does mean that your organization would know what data they were gathering, rather than reading about it in the newspapers later.”

The SME system puts the security control back in the hand of companies by enabling companies to securely encrypt data using a private key that is stored on a remote cloud service that can be done on a per file basis or for all files.